Gratipay - HackerOne Reports
Total Reports: 88
Critical: 0
High: 5
Medium: 14
Low: 13
CSV injection in gratipay.com via payment history export feature.
Reported by: edoverflow | Disclosed:
Medium
Weakness: Command Injection - Generic
Missing Certificate Authority Authorization rule
Reported by: spaced | Disclosed:
Weakness: Cryptographic Issues - Generic
CSRF csrftoken in cookies
Reported by: promx | Disclosed:
High
Weakness: Cross-Site Request Forgery (CSRF)
csrf_token cookie don't have the flag "HttpOnly"
Reported by: kuskumar | Disclosed:
Weakness: Cross-Site Request Forgery (CSRF)
SSl Weak Ciphers
Reported by: mkd1r | Disclosed:
Low
Weakness: Cryptographic Issues - Generic
Reflected SQL Execution
Reported by: thebugguy | Disclosed:
prevent content spoofing on /~username/emails/verify.html
Reported by: a5tronaut | Disclosed:
Weakness: Violation of Secure Design Principles